/// <summary>
/// 生成Ticket的字符串
/// </summary>
/// <param name="signInInfo">登录信息</param>
/// <param name="strIP">客户端ip</param>
/// <returns>Ticket的字符串</returns>
public static string GenerateTicketString(ISignInInfo signInInfo, string strIP)
{
HttpContext context = HttpContext.Current;
HttpRequest request = context.Request;
XmlDocument xmlDoc = XmlHelper.CreateDomDocument("<Ticket/>");
XmlDocument xmlSignInInfo = signInInfo.SaveToXml();
XmlNode SignInNode = XmlHelper.AppendNode(xmlDoc.DocumentElement, "SignInInfo");
SignInNode.InnerXml = xmlSignInInfo.DocumentElement.InnerXml;
string strTimeout = request.QueryString["to"];
int nTimeout = -1;
if (strTimeout != null)
{
try
{
nTimeout = int.Parse(strTimeout);
}
catch (System.Exception)
{
}
}
else
{
nTimeout = (int)(PassportSignInSettings.GetConfig().DefaultTimeout.TotalSeconds);
}
string strAppID = request.QueryString["aid"];
XmlHelper.AppendNode(xmlDoc.DocumentElement, "AppSSID", Guid.NewGuid().ToString());
XmlHelper.AppendNode(xmlDoc.DocumentElement, "AppID", strAppID);
XmlHelper.AppendNode(xmlDoc.DocumentElement, "AppSTime", DateTimeStandardFormat(SNTPClient.AdjustedTime));
XmlHelper.AppendNode(xmlDoc.DocumentElement, "IP", strIP);
DateTime dtExpireTime = DateTime.MaxValue;
if (nTimeout >= 0)
{
dtExpireTime = SNTPClient.AdjustedTime.AddSeconds(nTimeout);
}
else
if (nTimeout < -1)
{
dtExpireTime = DateTime.MinValue;
}
else
if (nTimeout == -1)
{
dtExpireTime = DateTime.MaxValue;
}
XmlHelper.AppendNode(xmlDoc.DocumentElement, "AppSTimeout", DateTimeStandardFormat(dtExpireTime));
return(xmlDoc.OuterXml);
}
/// <summary>
/// 读取单点登录服务配置
/// </summary>
/// <returns>认证服务器配置信息</returns>
/// <remarks>
/// <code source="..\Framework\TestProjects\DeluxeWorks.Library.Passport.Test\ConfigurationTest.cs" region="SignInConfigTest" lang="cs" title="获取认证服务端配置信息" />
/// </remarks>
public static PassportSignInSettings GetConfig()
{
PassportSignInSettings result =
(PassportSignInSettings)ConfigurationBroker.GetSection("passportSignInSettings");
ConfigurationExceptionHelper.CheckSectionNotNull(result, "passportSignInSettings");
return(result);
}
private string GetSavingCookieKey()
{
string result = PassportSignInSettings.GetConfig().SignInCookieKey;
//暂时不按照租户分Cookie
//if (TenantContext.Current.Enabled)
// result += "-" + HttpUtility.UrlEncode(this.TenantCode);
return(result);
}
/// <summary>
/// 加密Ticket
/// </summary>
/// <param name="ticket">ticket</param>
/// <returns>加密后的Ticket并且使用Base64编码</returns>
public static string EncryptTicket(ITicket ticket)
{
ITicketEncryption et = PassportEncryptionSettings.GetConfig().TicketEncryption;
//byte[] data = et.EncryptTicket(ticket, PassportClientSettings.GetConfig().RsaKeyValue); /del by yuanyong 20090416
//原来是PassportClientSettings,不正确的。加密ticket是PassportService的事情。虽然Client和Service都配置了密钥,但是应该使用Service方的
byte[] data = et.EncryptTicket(ticket, PassportSignInSettings.GetConfig().RsaKeyValue);
return(Convert.ToBase64String(data));
}
/// <summary>
/// 负责认证的服务,带上Ticket重定向到应用的url
/// </summary>
/// <param name="ticket"></param>
public static void SignInServiceRedirectToApp(ITicket ticket)
{
HttpRequest request = HttpContext.Current.Request;
HttpResponse response = HttpContext.Current.Response;
string strReturnUrl = HttpUtility.UrlDecode(request.QueryString["ru"]);
string strLogOffUrl = request.QueryString["lou"];
string strAppID = request.QueryString["aid"];
if (strAppID == null)
{
strAppID = PassportClientSettings.GetConfig().AppID;
}
System.Uri uri = request.Url;
if (strReturnUrl != null)
{
uri = new Uri(strReturnUrl, UriKind.RelativeOrAbsolute);
}
NameValueCollection uriParams = uri.GetUriParamsCollection();
uriParams[TenantExtensions.TenantCodeParamName] = TenantContext.Current.TenantCode;
uri = new Uri(UriHelper.CombineUrlParams(uri.ToString(), true, uriParams), UriKind.RelativeOrAbsolute);
if (strLogOffUrl == null)
{
strLogOffUrl = "#";
}
Uri logOffUri = new Uri(UriHelper.CombineUrlParams(strLogOffUrl, true, uriParams), UriKind.RelativeOrAbsolute);
PassportSignInSettings.GetConfig().PersistSignInInfo.SaveTicket(
ticket,
uri,
logOffUri);
string ticketString = Common.EncryptTicket(ticket);
TicketTransferMethod method = request.QueryString.GetValue("m", TicketTransferMethod.HttpGet);
if (method == TicketTransferMethod.HttpGet)
{
RedirectTicketToApp(uri, ticketString);
}
else
{
SubmitTicketToApp(uri, ticketString);
}
}
private DateTime GetConfigExpireDate()
{
DateTime dt = DateTime.MaxValue;
PassportSignInSettings settings = PassportSignInSettings.GetConfig();
if (settings.DefaultTimeout >= TimeSpan.Zero)
{
dt = SignInTime.Add(settings.DefaultTimeout);
}
return(dt);
}
private bool IsSlidingExpired()
{
bool bExpired = false;
PassportSignInSettings settings = PassportSignInSettings.GetConfig();
if (settings.HasSlidingExpiration)
{
DateTime dtTO = this.SignInTime.Add(settings.SlidingExpiration);
bExpired = (DateTime.Now >= dtTO); //相对时间过期
}
#if DELUXEWORKSTEST
Debug.WriteLineIf(bExpired, "Sliding Expired", "SignInPage Check");
#endif
return(bExpired);
}
/// <summary>
/// 得到每一个应用注销所使用的回调Url
/// </summary>
/// <returns></returns>
public List <AppLogOffCallBackUrl> GetAllRelativeAppsLogOffCallBackUrl()
{
ExceptionHelper.CheckStringIsNullOrEmpty(this.SessionID, "SessionID");
ExceptionHelper.CheckStringIsNullOrEmpty(this.ApplicationID, "ApplicationID");
ExceptionHelper.CheckStringIsNullOrEmpty(this.CallbackUrl, "CallbackUrl");
List <AppLogOffCallBackUrl> urls =
PassportSignInSettings.GetConfig().PersistSignInInfo.GetAllRelativeAppsLogOffCallBackUrl(this.SessionID);
if (AppLogOffCallBackUrlExist(urls, this.ApplicationID, this.CallbackUrl) == false)
{
AppLogOffCallBackUrl au = new AppLogOffCallBackUrl();
au.AppID = this.ApplicationID;
au.LogOffCallBackUrl = this.CallbackUrl;
urls.Add(au);
}
return(urls);
}
/// <summary>
/// 生成SignInInfo的Xml格式数据
/// </summary>
/// <param name="userInfo">用户登录信息</param>
/// <param name="bDontSaveUserID">是否保存用户名</param>
/// <param name="bAutoSignIn">是否自动登录</param>
/// <returns>SignInfo的xml格式数据</returns>
public static XmlDocument GenerateSignInInfo(ISignInUserInfo userInfo, bool bDontSaveUserID, bool bAutoSignIn)
{
string userID = ImpersonateSettings.GetConfig().Impersonation[userInfo.UserID];
HttpContext context = HttpContext.Current;
HttpRequest request = context.Request;
XmlDocument xmlDoc = XmlHelper.CreateDomDocument("<SignInInfo/>");
XmlHelper.AppendNode(xmlDoc.DocumentElement, "SSID", Guid.NewGuid().ToString());
XmlHelper.AppendNode(xmlDoc.DocumentElement, "UID", userID);
XmlHelper.AppendNode(xmlDoc.DocumentElement, "OUID", userInfo.OriginalUserID);
XmlHelper.AppendNode(xmlDoc.DocumentElement, "DO", userInfo.Domain);
object windowsIntegrated;
if (true == userInfo.Properties.TryGetValue("WindowsIntegrated", out windowsIntegrated))
{
XmlHelper.AppendNode(xmlDoc.DocumentElement, "WI", true);
}
XmlHelper.AppendNode(xmlDoc.DocumentElement, "DSUID", bDontSaveUserID);
XmlHelper.AppendNode(xmlDoc.DocumentElement, "ASI", bAutoSignIn);
XmlHelper.AppendNode(xmlDoc.DocumentElement, "STime", DateTimeStandardFormat(SNTPClient.AdjustedTime));
XmlHelper.AppendNode(xmlDoc.DocumentElement, "AS", request.Url.Host + ":" + request.Url.Port);
if (userInfo.Properties.Count > 0)
{
XmlNode nodeProps = XmlHelper.AppendNode(xmlDoc.DocumentElement, Resource.SignInInfoExtraProperties);
foreach (KeyValuePair <string, object> kp in userInfo.Properties)
{
XmlNode nodeProp = XmlHelper.AppendNode(nodeProps, "add");
XmlHelper.AppendAttr(nodeProp, "key", kp.Key);
XmlHelper.AppendAttr(nodeProp, "value", kp.Value.ToString());
}
}
DateTime dtExpireTime = DateTime.MaxValue;
PassportSignInSettings settings = PassportSignInSettings.GetConfig();
if (settings.DefaultTimeout >= TimeSpan.Zero)
{
dtExpireTime = DateTime.Now.Add(settings.DefaultTimeout);
}
else
if (settings.DefaultTimeout < TimeSpan.FromSeconds(-1))
{
dtExpireTime = DateTime.MinValue;
}
else
if (settings.DefaultTimeout == TimeSpan.FromSeconds(-1))
{
dtExpireTime = DateTime.MaxValue;
}
XmlHelper.AppendNode(xmlDoc.DocumentElement, "STimeout", DateTimeStandardFormat(dtExpireTime));
return(xmlDoc);
}
